How to use two-step verification with your Microsoft account

Microsoft is rolling out its two-step verification process to improve the security of your Microsoft account. We'll show you how to use it.

Microsoft two-step challenge on Android
Screenshot by Ed Rhee/CNET

Microsoft started rolling out its two-step verification process on April 17. Also known as two-factor authentication or two-step authentication, the process strengthens your account security by requiring you to enter your password (step 1), then a security code (step 2). The security code can be sent to you by e-mail, SMS, or phone call, or you can use an authenticator app on your mobile device.

Enabling two-step verification on your Microsoft account will enable it across all Microsoft services that currently support two-step verification, like Windows, Outlook.com , Office, and SkyDrive . If you're interested in trying it out, here's how to get started:

Enable two-step verification

Step 1: Go to https://account.live.com/proofs/Manage and make sure that you've added an alternate e-mail address and provided a phone number (preferably your mobile number so it can receive SMS messages) to your Microsoft account.

Step 2: Click on the "Set up two-step verification" link.

Set up two-step verification for Microsoft account
Click to enlarge. Screenshot by Ed Rhee/CNET

Step 3: Follow the setup process until you reach the end, then click "Done." You may be asked to provide a verification code, sent to either your phone via SMS or to your alternate e-mail address, before you can complete the two-step setup. Once it's complete, you should receive an e-mail confirmation from Microsoft sent to your alternate e-mail address.

Microsoft two-step setup complete
Click to enlarge. Screenshot by Ed Rhee/CNET

Pair an authenticator app with your Microsoft account

You can get security codes by e-mail, phone call, or SMS, but an even easier way is to use an authenticator app on your mobile device. Authenticator apps, like Google Authenticator, run locally on your device and work even if your device doesn't have an Internet connection. To use an authenticator app, you first have to pair it with your Microsoft account.

Step 1: Download the authenticator app of your choice to your device. Android, iOS, and BlackBerry users can use Google Authenticator, while Windows Phone users can use Microsoft Authenticator.

Step 2: Go back to your Microsoft account security info page and click on the "Set up" link under Authenticator app.

Step 3: Launch your authenticator app, then scan the bar code on the screen.

Step 4: When the security code appears in the authenticator app, enter it in the box, then click on the Pair button.

Pair authenticator app with Microsoft account
Click to enlarge. Screenshot by Ed Rhee/CNET

Using two-step verification

Once you've enabled two-step verification on your Microsoft account, logging in to your Microsoft services will require your account password and a security code.

Security code challenge on the Web
Click to enlarge. Screenshot by Ed Rhee/CNET

If you have an authenticator app paired, it'll request the code from the authenticator app. If you prefer to use a different verification option, click on the link to the right of the code box to choose a text message, phone call, or e-mail.

Google Authenticator security code
Screenshot by Ed Rhee/CNET

If you log in regularly using the same computer or device, you can check the box next to "I sign in frequently on this device. Don't ask me for a code" before you log in. This will add the device to your account as a trusted device and you won't be required to enter the security code every time you log in from that device.

Lastly, some apps and devices don't support security codes. In those instances, you can go to the security info page and create an app password to log in.

Keep in mind that Microsoft's two-step verification is still rolling out, so if you don't see the option yet, check again later.

Read the full CNET Review

Microsoft Outlook.com e-mail

The Bottom Line: A wonderfully clean interface and strong features make Microsoft's Outlook.com a promising new player in e-mail, and a clear alternative to Google's Gmail. / Read full review

About the author

Ed Rhee, a freelance writer based in the San Francisco Bay Area, is an IT veteran turned stay-at-home-dad of two girls. He focuses on Android devices and applications while maintaining a review blog at techdadreview.com.

 

ARTICLE DISCUSSION

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

Hot on CNET

The Next Big Thing

Consoles go wide and far beyond gaming with power and realism.